revengerat | 4d1956a024410739534b98829bee601e05b2024a052bd172b3272732a5ebe1b8 | Triage

Submit
Reports

Overview

overview

Static

static

Disney+.exe

windows10-2004-x64

Sharing

General

Target

DisneyPlus Accounts checker With Capture.zip
Size

319KB
Sample

230408-h6m51sec9y
MD5

3525576e1a2910febe1bfe93fb2be14f
SHA1

3c7c3f00530ad758398249cf042c31363039a34d
SHA256

4d1956a024410739534b98829bee601e05b2024a052bd172b3272732a5ebe1b8
SHA512

0e147a26e227a2a6c2509c5b296bd251aca598913383373c43356771cf5663f1c19d86b251f570a2078c3d538e13b2df554150477a78c07a6b7022fa7f0a7564
SSDEEP

6144:HBqC/Blh/jz1kIp/KlHi6AZUij0YYyku0+oD1nzfB3bILBDWXE:HQCplh/j3FCCVj1Yy1UVrB3bkBh

Score

10^/10

revengerat guest stealer trojan

Static task

static1

stealer revengerat

2 signatures

Behavioral task

behavioral1

Sample

Disney+.exe

Resource

win10v2004-20230220-en

revengerat guest stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

revengerat

Botnet

Guest

C2

167.71.213.170:1738

Mutex

RV_MUTEX-lDMFLRMSltdcKeY

Targets

- Target
  
  Disney+.exe
- Size
  
  503KB
- MD5
  
  7af6e766cda103858accd7ccdc151115
- SHA1
  
  7e00bdf6d462ec54c685651046d4cb40df1e4dc2
- SHA256
  
  b8fbe723db20cb1ae45230a87d495b2ab8751f1748de09fc2416955449a7bec4
- SHA512
  
  3a361b52ee2785b6ce61e2f972b85d8125e3bcd75828b4a7c1c971b803d3377318af75b8956254ce65562904b929dd55fd1555b14295507cbadff9117aaa443f
- SSDEEP
  
  6144:YSncRlTQGxePjKqjb76qtQ+nlsIcbnwdKN0IdIoWbze4uUsQkelLllarotYP:x4Xo7nQgls8seIceR74tO
Score

10^/10

revengerat guest stealer trojan
- RevengeRAT
  Remote-access trojan with a wide range of capabilities.
  trojan revengerat
- RevengeRat Executable
  stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Uses the VBS compiler for execution
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

stealerrevengerat

behavioral1

revengeratgueststealertrojan

© 2018-2024

Terms | Privacy